| Use After Free | |
| Information Exposure | |
| Improper Authorization | |
| Use After Free | |
| Exposure of Resource to Wrong Sphere | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Use After Free | |
| Out-of-Bounds | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Information Exposure | |
| Out-of-Bounds | |
| Cross-site Scripting (XSS) | |
| Out-of-Bounds | |
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') | |
| Out-of-bounds Write | |
| Integer Overflow or Wraparound | |
| Improper Input Validation | |
| Use of Low-Level Functionality | |
| Use After Free | |
| User Impersonation | |
| Use After Free | |
| Authorization Bypass Through User-Controlled Key | |
| Arbitrary Code Injection | |
| Origin Validation Error | |
| Information Exposure | |
| Off-by-one Error | |
| Integer Overflow or Wraparound | |
| Buffer Overflow | |
| User Impersonation | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Use of Uninitialized Resource | |
| Denial of Service (DoS) | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Out-of-Bounds | |
| Origin Validation Error | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Exposure of Resource to Wrong Sphere | |
| Out-of-Bounds | |
| Incorrect Calculation of Buffer Size | |
| Improper Encoding or Escaping of Output | |
| Information Exposure | |
| Origin Validation Error | |
| Protection Mechanism Failure | |
| Arbitrary Code Injection | |
| Out-of-Bounds | |
| NULL Pointer Dereference | |
| Out-of-Bounds | |
| Improper Authentication | |
| Out-of-Bounds | |
| Improper Input Validation | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Information Exposure | |
| Out-of-Bounds | |
| Use After Free | |
| Cross-site Request Forgery (CSRF) | |
| Cross-site Scripting (XSS) | |
| Exposure of Resource to Wrong Sphere | |
| Information Exposure | |
| Access Control Bypass | |
| Cross-site Request Forgery (CSRF) | |
| Information Exposure | |
| Open Redirect | |
| Improper Input Validation | |
| Improper Certificate Validation | |
| Out-of-Bounds | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Out-of-bounds Write | |
| Integer Overflow or Wraparound | |
| Cleartext Transmission of Sensitive Information | |
| Improper Encoding or Escaping of Output | |
| Arbitrary Command Injection | |
| Unsafe Dependency Resolution | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Arbitrary Code Injection | |
| Origin Validation Error | |
| Incorrect Privilege Assignment | |
| Cross-site Request Forgery (CSRF) | |
| Improper Encoding or Escaping of Output | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Arbitrary Code Injection | |
| Arbitrary Code Injection | |
| Arbitrary Code Injection | |
| Out-of-bounds Read | |
| Improper Isolation or Compartmentalization | |
| Insertion of Sensitive Information into Log File | |
| Out-of-bounds Read | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Improper Input Validation | |
| Use After Free | |
| Out-of-Bounds | |
| Information Exposure | |
| Out-of-Bounds | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Information Exposure | |
| Race Condition | |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere | |
| Improper Isolation or Compartmentalization | |
| Use After Free | |
| Use After Free | |
| Access Control Bypass | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Out-of-Bounds | |
| Information Exposure | |
| Out-of-bounds Write | |
| Out-of-bounds Read | |
| Out-of-bounds Write | |
| Improper Synchronization | |
| Arbitrary Code Injection | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Access Control Bypass | |
| Out-of-Bounds | |
| Use After Free | |
| Use After Free | |
| Out-of-Bounds | |
| Use After Free | |
| Buffer Overflow | |
| Buffer Overflow | |
| Out-of-bounds Write | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Out-of-bounds Write | |
| Improper Certificate Validation | |
| Use After Free | |
| Improper Privilege Management | |
| Use After Free | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Open Redirect | |
| Access Control Bypass | |
| User Impersonation | |
| Information Exposure | |
| User Interface (UI) Misrepresentation of Critical Information | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Out-of-bounds Write | |
| Improper Initialization | |
| Double Free | |
| Improper Authentication | |
| Access Control Bypass | |
| Cross-site Scripting (XSS) | |
| Arbitrary Code Injection | |
| Race Condition | |
| Improper Check for Unusual or Exceptional Conditions | |
| User Interface (UI) Misrepresentation of Critical Information | |
| NULL Pointer Dereference | |
| User Interface (UI) Misrepresentation of Critical Information | |
| NULL Pointer Dereference | |
| Out-of-Bounds | |
| Denial of Service (DoS) | |
| Race Condition | |
| Out-of-Bounds | |
| Denial of Service (DoS) | |
| Use After Free | |
| Incorrect Default Permissions | |
| Cross-site Scripting (XSS) | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Exposure of Resource to Wrong Sphere | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Denial of Service (DoS) | |
| User Impersonation | |
| Denial of Service (DoS) | |
| Use After Free | |
| Information Exposure | |
| Origin Validation Error | |
| Arbitrary Code Injection | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Denial of Service (DoS) | |
| Arbitrary Code Injection | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Information Exposure | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Information Exposure | |
| URL Redirection to Untrusted Site ('Open Redirect') | |
| Type Confusion | |
| Type Confusion | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Information Exposure | |
| Improper Handling of Exceptional Conditions | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Out-of-bounds Write | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Improper Verification of Source of a Communication Channel | |
| Cross-site Request Forgery (CSRF) | |
| Use After Free | |
| Use After Free | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Out-of-bounds Read | |
| Information Exposure | |
| User Interface (UI) Misrepresentation of Critical Information | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Improper Access Control | |
| Use After Free | |
| Type Confusion | |
| Out-of-bounds Write | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| Improper Access Control | |
| Information Exposure | |
| Improper Restriction of User Interface Security Features | |
| Out-of-bounds Read | |
| Improper Input Validation | |
| Out-of-Bounds | |
| Improper Input Validation | |
| Use After Free | |
| Infinite Loop | |
| Reliance on Cookies without Validation and Integrity Checking | |
| Out-of-bounds Write | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Improper Restriction of Operations within the Bounds of a Memory Buffer | |
| Race Condition | |
| Out-of-bounds Read | |
| Access of Uninitialized Pointer | |
| Access Restriction Bypass | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Timing Attack | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| Out-of-bounds Write | |
| Information Exposure | |
| Use After Free | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Use After Free | |
| Information Exposure | |
| Improper Privilege Management | |
| Out-of-bounds Write | |
| Improperly Implemented Security Check for Standard | |
| Improper Input Validation | |
| Improper Restriction of Operations within the Bounds of a Memory Buffer | |
| Improper Restriction of Operations within the Bounds of a Memory Buffer | |
| Exposure of Sensitive Information to an Unauthorized Actor | |
| Reliance on Undefined, Unspecified or Implementation-Defined Behavior | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Use of Insufficiently Random Values | |
| Information Exposure | |
| Improper Initialization | |
| Use After Free | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Access of Uninitialized Pointer | |
| Improper Restriction of Operations within the Bounds of a Memory Buffer | |
| Code Injection | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Classic Buffer Overflow | |
| Use After Free | |
| Use After Free | |
| Resource Exhaustion | |
| Uncontrolled Resource Consumption ('Resource Exhaustion') | |
| Use After Free | |
| Use After Free | |
| Out-of-bounds Read | |
| Out-of-bounds Read | |
| Access of Uninitialized Pointer | |
| Out-of-Bounds | |
| Use After Free | |
| Use After Free | |
| Improper Check or Handling of Exceptional Conditions | |
| Insufficient UI Warning of Dangerous Operations | |
| Out-of-bounds Read | |
| Out-of-Bounds | |
| Out-of-bounds Read | |
| Improper Control of Generation of Code ('Code Injection') | |
| Improper Privilege Management | |
| Timing Attack | |
| Resource Exhaustion | |
| Code Injection | |
| Cross-Site Request Forgery (CSRF) | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Integer Overflow or Wraparound | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Code Injection | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Out-of-Bounds | |
| Out-of-bounds Read | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Open Redirect | |
| User Interface (UI) Misrepresentation of Critical Information | |
| The UI Performs the Wrong Action | |
| Buffer Overflow | |
| Reliance on Cookies without Validation and Integrity Checking | |
| NULL Pointer Dereference | |
| Buffer Overflow | |
| Reliance on Cookies without Validation and Integrity Checking | |
| Incorrect Conversion between Numeric Types | |
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') | |
| Denial of Service (DoS) | |
| Use After Free | |
| Improper Check for Unusual or Exceptional Conditions | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Stack-based Buffer Overflow | |
| NULL Pointer Dereference | |
| Inadequate Encryption Strength | |
| Improper Restriction of Operations within the Bounds of a Memory Buffer | |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') | |
| Improper Input Validation | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Input Validation | |
| Improper Access Control | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Out-of-bounds Write | |
| Improper Input Validation | |
| Improper Handling of Exceptional Conditions | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Information Exposure Through Log Files | |
| Improper Access Control | |
| Information Exposure | |
| Observable Timing Discrepancy | |
| Improper Restriction of Operations within the Bounds of a Memory Buffer | |
| Improper Input Validation | |
| Use After Free | |
| Heap-based Buffer Overflow | |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') | |
| Use of Uninitialized Resource | |
| Improper Input Validation | |
| Heap-based Buffer Overflow | |
| Open Redirect | |
| Open Redirect | |
| Improper Restriction of Operations within the Bounds of a Memory Buffer | |
| Buffer Overflow | |
| Out-of-bounds Read | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| Directory Traversal | |
| Use After Free | |
| Out-of-Bounds | |
| Authentication Bypass Using Spoofing Attack | |
| Buffer Overflow | |
| Information Exposure | |
| Improper Input Validation | |
| Product UI Spoofing | |
| URL Redirection to Untrusted Site | |
| Product UI Manipulable for User-Controlled Input | |
| Improper Release of Memory Before Removing Last Reference | |
| Improper Restriction of Operations within the Bounds of a Memory Buffer | |
| Insufficient UI Warning of Dangerous Operations | |
| Multiple Interpretations of UI Input | |
| Use After Free | |
| Out-of-bounds Write | |
| Use After Free | |
| Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak') | |
| Double Free | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Use After Free | |
| Buffer Overflow | |
| Access Restriction Bypass | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Information Exposure | |
| Buffer Overflow | |
| Buffer Overflow | |
| Use After Free | |
| Improper Access Control | |
| Improper Access Control | |
| Denial of Service (DoS) | |
| Buffer Overflow | |
| Out-of-bounds Read | |
| Improper Access Control | |
| Denial of Service (DoS) | |
| Reliance on Cookies without Validation and Integrity Checking | |
| Race Condition | |
| Improper Input Validation | |
| Insecure Permissions | |
| Unsafe Dependency Resolution | |
| Buffer Overflow | |
| Buffer Overflow | |
| Use After Free | |
| Cross-site Request Forgery (CSRF) | |
| Denial of Service (DoS) | |
| Improper Input Validation | |
| Use After Free | |
| Improper Input Validation | |
| User Impersonation | |
| Improper Access Control | |
| Improper Access Control | |
| Buffer Overflow | |
| Denial of Service (DoS) | |
| Improper Access Control | |
| Information Exposure | |
| Denial of Service (DoS) | |
| Open Redirect | |
| Denial of Service (DoS) | |
| Arbitrary Code Execution | |
| Access Control Bypass | |
| Access Control Bypass | |
| Access Control Bypass | |
| Denial of Service (DoS) | |
| Information Exposure | |
| Denial of Service (DoS) | |
| Buffer Overflow | |
| Denial of Service (DoS) | |
| Access Control Bypass | |
| Arbitrary File Read | |
| Arbitrary Code Execution | |
| Improper Access Control | |
| Sandbox Bypass | |
| Information Exposure | |
| Insecure Defaults | |
| Denial of Service (DoS) | |
| Information Exposure | |
| Use After Free | |
| Denial of Service (DoS) | |
| Sandbox Bypass | |
| Access Restriction Bypass | |
| Out-of-bounds Read | |
| Improper Access Control | |
| Denial of Service (DoS) | |
| Double Free | |
| Out-of-Bounds Write | |
| Access Restriction Bypass | |
| Multiple Interpretations of UI Input | |
| Out-of-Bounds Write | |
| Out-of-bounds Write | |
| Access Restriction Bypass | |
| Access Restriction Bypass | |
| Denial of Service (DoS) | |
| Access Restriction Bypass | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Access Restriction Bypass | |
| Denial of Service (DoS) | |
| Unsafe Dependency Resolution | |
| Information Exposure | |
| Incorrect Type Conversion or Cast | |
| Out-of-Bounds | |
| Arbitrary Code Injection | |
| Denial of Service (DoS) | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Cross-site Scripting (XSS) | |
| Out-of-Bounds | |
| Incorrect Type Conversion or Cast | |
| Improper Access Control | |
| Out-of-Bounds | |
| Access Restriction Bypass | |
| Use After Free | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Prototype Pollution | |
| Buffer Overflow | |
| Use After Free | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Information Exposure | |
| NULL Pointer Dereference | |
| Buffer Overflow | |
| Remote Code Execution (RCE) | |
| Arbitrary File Read | |
| Time-of-check Time-of-use (TOCTOU) Race Condition | |
| Sandbox Bypass | |
| Information Exposure | |
| Arbitrary Code Execution | |
| Improper Validation of Array Index | |
| Insufficient Verification of Data Authenticity | |
| Improper Input Validation | |
| Access Restriction Bypass | |
| Improper Input Validation | |
| Denial of Service (DoS) | |
| Arbitrary Code Execution | |
| Information Exposure | |
| Arbitrary Code Execution | |
| Use After Free | |
| Denial of Service (DoS) | |
| Creation of Temporary File With Insecure Permissions | |
| Arbitrary Code Execution | |
| Arbitrary Code Execution | |
| Cross-site Scripting (XSS) | |
| Transmission of Private Resources into a New Sphere ('Resource Leak') | |
| Cross-site Scripting (XSS) | |
| Improper Validation of Certificate Expiration | |
| Cross-site Scripting (XSS) | |
| Arbitrary Code Execution | |
| Information Exposure | |
| Improper Input Validation | |
| Information Exposure | |
| Denial of Service (DoS) | |
| HTTP Header Injection | |
| Improper Resource Shutdown or Release | |
| Buffer Overflow | |
| Improper Access Control | |
| Privilege Escalation | |
| Buffer Overflow | |
| Use After Free | |
| Improper Input Validation | |
| Out-of-Bounds | |
| Use of Cache Containing Sensitive Information | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Access Restriction Bypass | |
| Access Restriction Bypass | |
| Information Exposure | |
| Access Restriction Bypass | |
| Denial of Service (DoS) | |
| Insufficiently Protected Credentials | |
| Denial of Service (DoS) | |
| Authorization Bypass | |
| Denial of Service (DoS) | |
| Buffer Overflow | |
| Buffer Overflow | |
| Denial of Service (DoS) | |
| Buffer Overflow | |
| Unsafe Dependency Resolution | |
| Unsafe Dependency Resolution | |
| Denial of Service (DoS) | |
| Information Exposure | |
| Denial of Service (DoS) | |
| Access Restriction Bypass | |
| Denial of Service (DoS) | |
| Authorization Bypass | |
| Buffer Overflow | |
| Buffer Overflow | |
| Cross-site Scripting (XSS) | |
| Out-of-Bounds | |
| Denial of Service (DoS) | |
| Return of Wrong Status Code | |
| Prototype Pollution | |
| Product UI does not Warn User of Unsafe Actions | |
| Buffer Overflow | |
| Buffer Overflow | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| Improper Input Validation | |
| Time-of-check Time-of-use (TOCTOU) Race Condition | |
| Use After Free | |
| Use After Free | |
